From: Kathleen Wilson <[email protected]>
To: [email protected]
Subject: Re: Symantec Test Cert Misissuance Incident
On 10/28/15 2:14 PM, Kathleen Wilson wrote:
Google has blogged about this:
https://googleonlinesecurity.blogspot.com/2015/10/sustaining-digital-certificate-security.html
We should discuss what actions Mozilla should require of Symantec, and
what would be the penalty of not completing those actions.
Do we know which exactly root certs were misused in this way?
We will want to pull them from the list of certs SiteTruth trusts.
John Nagle
SiteTruth
"Know who you're dealing with."
_______________________________________________
dev-security-policy mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security-policy
